Viruses? Nah, better. Cheap Chinese Android phones hide malware from the start

Well, this is new for 2016... Apparently this is a new direction they’re taking. Instead of trying to get you to install spyware/adware/whateverware apps, the new kids on the block made a deal with the smartphone producers themselves, to embed their crap directly into the operating system. No wonder Google Pixel will be so darn desired, besides the latest iPhone...

Long story short, I bought a phone online, not from the Chinese market directly but through the best and most “honest” and top choice local (read international, even, as in not Chinese) online store (not named here because I want my thing solved, not them to get punished, though…) and luckily for me I don’t have any sort of data plan, otherwise the malware would have made me really angry. After installing Malwarebytes, I got me a boo-boo: Xinyinhe spyware. Android/PUP.Adware.Xinyinhe, to be more precise. And it was (an’ still is, because I won’t root before I get me money back) exactly under system apps, impossible to remove without root.

There. Brand new phone from Doogee, sporting Android 6. Wireless updates? Oh yeah. Did nothing. Second wireless update? Malware hidden. So well, Malwarebytes won’t detect, but I managed to get my hands on a firewall/logger – guess what: SystemUI now somehow makes bloody connections to Chinese servers. Gonna dig some more into this because I’m really, really pissed off.

Post Scriptum: How do I know it was embedded in the ROM? Gee, let’s see... They have ROMs free for download from the official site. And gee, I wonder if you can guess what a scan of one of those found… Bloody wankers...
